Commit 832d4e49 authored by Mike Street's avatar Mike Street
Browse files

Task: Restrict function to same origin

parent 538c1d73
......@@ -3,6 +3,14 @@ require('dotenv').config();
const fetch = require('node-fetch');
exports.handler = function(event) {
// Check we are being called from the same site
if(event.headers['sec-fetch-site'] !== 'same-origin') {
return {
statusCode: 401,
body: 'You are not authorized to access this function'
};
}
// Check we have an action in the URL
if(!event.queryStringParameters.action) {
return {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment